Dr. Meskó Bertalan

Security and privacy is a top leadership concern

10

Managing risk in an increasingly connected world

“This Nexus of Forces is impacting

security in terms of new vulnerabilities.

–Ruggero Contu, Christian Canales and Lawrence Pingree. Forecast Overview: Information Security, Worldwide, 2014 Update. Gartner, Inc. June 25, 2014.

Impact of cyber attacks could be

as much as $3 trillion in lost

productivity and growth

ImplicationsJob security Customer loyalty

Intellectual property

Legal liabilityBrand reputation

$ 3.5MAverage cost of

a data breach toa company

15 % increase YoY

median # of days attackers are

present on a victim network

before detection243

level issue

is a

CEO

Security

Cybercrime costs CDN economy up to

$5.3 Billion annually, report says

IT World Canada [2013]

How hackers allegedly stole

“unlimited” amounts of cash

from banks in just a few hours

Ars Technica [2013]Ars Technica [2013]

Universities face a rising

barrage of cyberattacks

HEADLINES

Malware burrows deep

into computer BIOS to

escape AV

The Register [September 2011]

Researchers have discovered one of the

first pieces ever used in the wild that

modifies the software on the motherboard

of infected computers to ensure the

infection can’t be easily eradicated…

New York Times [2013]

Cyberattacks on the rise

against US corporations

Forget carjacking, soon

it will be carhacking

The Sydney Morning Herald [2013]

Rising cyber security risks to drivers as

their cars become increasingly powered by

and connected to computers have

prompted the US auto-safety regulator to

start a new office focusing on the threat…

Espionage malware

infects rafts of

governments,

industries around

the world

Ars Technica [2013]

Photo credit: Peter Broster

Hyper scale Infrastructure34 Regions Worldwide, 30 ONLINE…huge capacity around the world…growing every year

100+ datacenters

Top 3 networks in the world Operational

Announced/Not Operational

Central US

Iowa

West US

California

East US

Virginia

US Gov

Virginia

North Central US

Illinois

US Gov

Iowa

South Central US

Texas

Brazil South

Sao Paulo State

West Europe

Netherlands

China North *

Beijing

China South *

Shanghai

Japan East

Tokyo, Saitama

Japan West

Osaka

India South

Chennai

East Asia

Hong Kong

SE Asia

Singapore

Australia South East

Victoria

Australia East

New South Wales

* Operated by 21Vianet

India Central

Pune

Canada East

Quebec City

Canada Central

Toronto

India West

Mumbai

Germany North East

Magdeburg

Germany Central

Frankfurt

United Kingdom

Regions

North Europe

Ireland

East US 2

VirginiaFrance

Korea

“Businesses and users are going to embrace technology only if they can trust it.”

At Microsoft, we never take your trust for granted

• We are serious about our commitment to protect customers in a cloud first world.

• We live by standards and practices designed to earn your confidence.

• We collaborate with industry and regulators to build trust in the cloud ecosystem.

– Satya Nadella

A cloud you can trust

Cloud Trust Pillars

Broadly Applicable

United States

Government

Industry Specific

Region/Country

Specific

Microsoft Cloud Compliance Certifications and Attestations

Addressing Compliance in Canada

SOC 1

Type 2ISO 27018ISO 27001 SOC 2

Type 2

PCI DSS

Level 1HIPAA /

HITECH

FedRAMP

JAB P-ATOFIPS 140-2

International

Attestations

TBS Controls

3rd Party Review

Foundational PIA

Privacy Act

TBS PIA Template

Provincial Privacy Laws

Provincial PIA Templates

Cyber Defense Operations Center

Canada has a head start

John Weigelt

Johnwei@microsoft.com

@Thumbtackhead